search

vmware-archive / gangway

An application that can be used to easily enable authentication flows via OIDC for a kubernetes cluster.
Apache License 2.0
410 stars 113 forks source link

Commands from commandline template fail when cluster name or credential name contain spaces #131

Closed nickperry closed 4 years ago

nickperry commented 5 years ago

The arguments to kubectl and other shell commands in commandline template need quoting, such that it is possible to use cluster names (ClusterName) and user names (KubeCfgUser) containing whitespace. For example a user name of "Nick Perry" or a cluster name of "production cluster".

The following lines of templates/commandline.tmpl all have such cases that need addressing:

58 echo "{{ .ClusterCA }}" \ > ca-{{ .ClusterName }}.pem
59 kubectl config set-cluster {{ .ClusterName }} --server={{ .APIServerURL }} --certificate-authority=ca-{{ .ClusterName }}.pem --embed-certs
60 kubectl config set-credentials {{ .KubeCfgUser }}  \
67 kubectl config set-context {{ .ClusterName }} --cluster={{ .ClusterName }} --user={{ .KubeCfgUser }}
68 kubectl config use-context {{ .ClusterName }}
69 rm ca-{{ .ClusterName }}.pem

At present, the following will happen if you try to use the commands produced by the commandline template when you have spaces in credentials:

# kubectl config set-credentials Nick Perry@foo
error: Unexpected args: [Nick Perry@foo]

whereas, if we had quotes:

# kubectl config set-credentials "Nick Perry@foo"
User "Nick Perry@foo" set.
nickperry commented 5 years ago

Would you welcome a PR to address this?

alexbrand commented 5 years ago

@nickperry Thanks for opening this issue. We will gladly accept PRs to address this.

Thanks!

nickperry commented 5 years ago

Fixed in https://github.com/heptiolabs/gangway/pull/133